VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 12, 2009· Updated Apr 23, 2026

CVE-2009-1392

CVE-2009-1392

Description

The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsEventStateManager::GetContentState and nsNativeTheme::CheckBooleanAttr; (2) UnhookTextRunFromFrames and ClearAllTextRunReferences; (3) nsTextFrame::ClearTextRun; (4) IsPercentageAware; (5) PL_DHashTableFinish; (6) nsListBoxBodyFrame::GetNextItemBox; (7) AtomTableClearEntry, related to the atom table, DOM mutation events, and Unicode surrogates; (8) nsHTMLEditor::HideResizers; and (9) nsWindow::SetCursor, related to changing the cursor; and other vectors.

Affected products

112
  • Mozilla Corporation/Firefox13 versions
    cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
  • Mozilla Corporation/Seamonkey30 versions
    cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <=1.1.16
    • cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0:*:beta:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.5:1.1.10:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*
  • Mozilla Corporation/Thunderbird69 versions
    cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 68 more
    • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=2.0.0.19
    • cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0_.12:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0_.13:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0_.14:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0_.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0_.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0_.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0_8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:2.0_.9:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

49

News mentions

0

No linked articles in our index yet.